Digitalization in Honduras: Regulation on Electronic Signatures

Published on Sep 26, 2024

Emanuel López, lawyer in Honduras and expert in Corporate and Administrative Law, shares this article on the imminent need for digital transformation for companies and governments around the world, where the electronic signature has become an essential tool to facilitate the execution of contracts, commercial transactions, and other legal acts without the need for physical presence. 

Digital transformation is an imminent need for companies and governments around the world. In this context, the electronic signature has become an essential tool to facilitate the execution of contracts, commercial transactions and other legal acts without the need to be physically present. 

In Honduras, the Law on Electronic Signatures (Decree 149-2013) and its Regulations mark a before and after in the way in which companies, both large and medium-sized, can streamline their operations and improve their legal security in the digital environment. 

The Electronic Signatures Law in Honduras aims to grant electronic signatures the same legal validity as traditional handwritten signatures. Its main purpose, as established in Article 1, is to regulate the use of these signatures in all types of information presented in the form of a data message, provided that the requirements and procedures defined in the law are met. This regulation applies to both companies and public entities, seeking to promote efficiency and security in digital transactions. 

One of the most important aspects of the law is that it does not alter the rules relating to the validity and effectiveness of contracts, but rather merely defines how electronic signatures can be used to guarantee the authenticity and will of the parties involved. 

Chapter I establishes the general provisions of the law, including key definitions that help understand how electronic signatures operate within the Honduran legal framework. In Article 3 we find definitions that are essential to understand the context of electronic signatures in Honduras. Some of the most relevant are: 

  • Electronic Signature: These are the data in electronic form that are attached or logically associated with a data message, and that allow the signatory to be identified with respect to the information contained. 

  • Advanced Electronic Signature: A signature that meets additional technical requirements, such as being certified by an accredited provider and being under the exclusive control of the holder. This signature allows any modification to the document to be detected and guarantees the identity of the holder, which significantly increases its legal security. 

  • Electronic Certificate: This certificate is a data message issued by a certification service provider that guarantees the validity and certainty of the electronic signature. 

These definitions are essential because they differentiate between the different types of electronic signatures and their level of security. While a basic electronic signature may be sufficient for certain acts, an advanced electronic signature will be indispensable for more critical transactions that require an additional level of trust. 

The Act promotes technological equality by ensuring that no technology for creating electronic signatures is excluded, provided it meets legal requirements or otherwise complies with the requirements of applicable law. 

Article 6 clearly states that acts and contracts executed by electronic signature will have the same validity and effects as those executed on paper with a handwritten signature, which allows companies and the State to use this technology safely. However, there are exceptions for certain acts, such as those related to family law or those that require formalities that cannot be fulfilled by electronic documents. 

Also, within the law we find the legal requirements or attributes of the electronic signature, being that when the law requires that a communication or contract be signed by one party, or foresees consequences in the event that it is not signed, this requirement will be considered fulfilled with respect to an electronic communication if: 

  1. The method used must identify the signing party and express its wishes regarding the information. 

  1. The method must meet the following characteristics: 

  1. Be as reliable as necessary for the purpose of the transaction. 

  1. Be demonstrated to be effective in practice to fulfill the functions described in paragraph 1. 

The electronic signature will be considered reliable if: 

  • The creation data corresponds only to the signer. 

  • It is verifiable and was under the exclusive control of the signatory at the time of signing. 

  • It allows the detection of alterations after the moment of signing. 

  • The information or data message is linked in such a way that, if they are changed, the electronic signature is invalidated. 

  • It is in accordance with accepted regulations. 

It also establishes that the signatory must: 

  1. Receive or generate electronic signature using a method authorized by the Certifying Authority. 

  1. Provide accurate information required by the Authority. 

  1. Comply with obligations derived from the use of the Signature 

  1. Act with diligence to prevent unauthorized use of signature creation data. 

  1. Respond to obligations arising from unauthorized use of your signature. 

  1. Revoke certificates when there are security risks. 

The signatory is liable for any unauthorized use of their signature if they have not acted with due diligence. 

The law also allows the parties to modify the effects of the law or establish exceptions by mutual agreement, provided that such an agreement is valid and effective under applicable law. 

Chapter II of the law is dedicated to Certifying Authorities, which are key entities in the electronic signature ecosystem. These authorities are responsible for issuing electronic certificates that validate the identity of the signer and ensure the authenticity of electronic signatures. 

It is established that both natural persons and legal entities may act as Certifying Authorities, provided that they meet certain requirements, such as having the economic, financial and technical capacity to guarantee the authenticity of electronic signatures. In addition, these entities are required to have qualified human resources and adequate security systems to guarantee the integrity and confidentiality of the certificates issued. 

It is important to note that notaries who meet these requirements will be automatically authorized to act as Certifying Authorities, which expands the range of actors who can perform this role in the country. 

Article 13 defines the duties of the Certification Authorities, which are essential to ensure trust in the electronic signature system. Some of these duties are: 

  • Issue certificates in accordance with agreements with subscribers. 

  • Implement security systems that ensure the preservation of electronic documents and issued certificates. 

  • Ensure the confidentiality and protection of information provided by subscribers. 

  • Facilitate audits and provide the competent authorities with the necessary information on the certificates issued. 

These requirements are essential to ensure that Certification Authorities operate under maximum security standards, since any non-compliance can have significant legal consequences for both the authority and the parties involved in the transactions. 

Electronic certificates are the cornerstone of legal security in advanced electronic signatures. Article 18 of the law details the minimum content that a certificate issued by a certifying authority must have, which includes: 

  • The name, address, and domicile of the subscriber and Certifying Authority. 

  • Identification of the subscriber named in the certificate 

  • The user's public key and the certificate serial number. 

  •